[Preston] Re : Just installed Fedora Core 1

Andrew King andrew at andrewsworld.org
Fri Jan 16 09:15:15 GMT 2004


Granville Cousins wrote:

>Hello PLUG, 
>
>I've just installed Fedora Core 1 on the second hard disk on my
>desktop PC. I'm having trouble finding out how to get connected to
>the Internet and would like to know, when I do get connected, if and
>where I can get an AntiVirus programme. At present I am using AVG
>AntiVirus under Windows XP and for my email client I am using The
>Bat! This is an excellent email programme and is very configurable. I
>have a data base with round about 2,000 entries and divided up into
>directories so I would like to run this in Linux too. I have heard
>about a programme called Wine which allows Microsoft Windows
>programmes to run under Linux. Where would I get this?
>  
>
Hi there,

Would you be looking for anti-virus to protect your Linux system, or, 
say, to scan Windows executables as they pass through it on their way to 
a Windows machine? If it's the latter, I know that at least Sophos and 
AVG have Linux versions that (I think) work with the mailserver software 
to scan them and so on. Wouldn't surprise me if you could run some of 
them under WINE too - but all they'd be doing

If it's to protect your Linux system, I think I can say with some 
certainty that it's just not usually considered as part of a security 
model. It's all a bit dodgy IMO see; as they say elsewhere, prevention 
is better than cure, and that definitely applies here: it's much better 
to prevent malicious code from running on your system in the first place 
than to let it run and then clean up afterwards (and hope that it didn't 
do "rm -rf /" as its first command :).

A few things that may help:

- Nearly all viruses out there at the moment are Windows executables, 
and so simply won't run under Linux.
- Run a firewall, and use it to block all incoming TCP connection 
requests (IMO, having any ports open to the outside world on a desktop 
is asking for trouble) - and as many UDP ports as you can, too, like at 
least all except 53.
- Make backups, just in case the worst does happen.
- Don't run anything as root unless you absolutely have to. I use Linux 
as my only desktop o/s, and only need root once every few days - I think 
it's fairly easy once you've got your system set up and so on.
- Pick a really strong root password - like 
s,iudyf9os86"*&IL^R?*^?LR*OLA*^RITLSVCluiysdfue4346std or something (but 
one that you can remember) - long, mixed case, numbers and weird symbols 
all mixed together. Makes it harder to get brute forced, just if they do 
get a password prompt.
- My own personal one: don't run anything that you can't get the source 
code for, and only run things that you got from trusted sources. It 
makes sense to verify things with md5 checksums and PGP signatures too.

There's more - feel free to ask and stuff - but I think you'll find that 
it generally avoids a virus checker. One thing that comes close to kind 
of being a virus checker is "chkrootkit". Really though, if you've had 
any kind of malicious code run on your system, it's safer to wipe the 
old install and start from scratch - you just don't know what they've 
done or how many backdoors there are in your system. If they may have 
had root, you don't even know that commands such as ls, ps or top are 
telling the truth any more.

I find that Linux makes a great replacement to Windows for a few reasons:

- I can rely on my system a lot more. Individual programs don't randomly 
hang up and have to be terminated from the outside as they do under 
Windows XP (we're all used to seeing that "End Now or Cancel?" box under 
Win2k/XP many times a day, right?), and it's nice that opening the 
CD-ROM drive doesn't take your whole system down either :)
- It's free, and there's software to do a huge amount of things under it 
that's also free.
- Security, viruses, spam, unwanted advertising, popup windows and other 
privacy and security issues are much less of a worry. Nearly all spam 
sent to me just goes into a 'Spam' folder and gets marked read 
automatically. Most of that's probably possible under Windows, but it's 
a lot of messing about, and always less reliable.
- Nag screens, activation, product keys and the rest of it are all a 
thing of the past :)
- Because it comes with source code, the authors generally don't bother 
spying on you, since they'd be found out pretty quickly.
- You can get things /just/ how you want them - there's just no limit to 
how much you can customise stuff.

There's probably more, but I have to go and do some work :)

Hope this helps. If anyone thinks I've got anything wrong above btw, 
please make a mention of it so that we're not giving out misinformation.

Andrew
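
A check to go with the "no ports open to the outside world on a desktop" advice in the message above, added here as an example and not part of the original post: it parses the kernel's /proc/net/tcp table and reports TCP sockets listening on a non-loopback address. It assumes IPv4 only and a little-endian host such as x86; the sample table is constructed, and the function names are this example's own.

```python
import ipaddress
import socket
import struct

TCP_LISTEN = "0A"  # value of the "st" column for a listening socket

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1 0000000000000000 100 0 0 10 0
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1 0000000000000000 100 0 0 10 0
   2: 0A01A8C0:9C40 010200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 1003 1 0000000000000000 20 4 30 10 -1
"""


def decode_endpoint(field):
    """Turn 'HEXIP:HEXPORT' into (dotted_ip, port).

    Assumption: the address is stored as a little-endian 32-bit value,
    which is how it appears on x86 hosts.
    """
    hex_ip, hex_port = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(hex_ip, 16)))
    return ip, int(hex_port, 16)


def exposed_listeners(table):
    """Return sorted (ip, port) pairs for LISTEN sockets not bound to loopback."""
    found = []
    for line in table.splitlines()[1:]:  # first line is the column header
        cols = line.split()
        if len(cols) < 4 or cols[3] != TCP_LISTEN:
            continue  # skip malformed rows and non-listening sockets
        ip, port = decode_endpoint(cols[1])
        if not ipaddress.ip_address(ip).is_loopback:
            found.append((ip, port))
    return sorted(found)


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:
            table = fh.read()
    except OSError:
        table = SAMPLE  # fall back to the constructed sample off Linux
    for ip, port in exposed_listeners(table):
        print(f"listening on {ip}:{port}")
```

A socket listed here is only reachable from outside if the firewall lets the connection request through, so an empty result and a default-deny inbound policy back each other up.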



